CVE-2024-51417: Property reflection in System.Linq.Dynamic.Core
(updated )
An issue in System.Linq.Dynamic.Core versions before v.1.6.0 allow remote access to properties on reflection types and static properties/fields.
References
- dynamic-linq.net/expression-language
- github.com/advisories/GHSA-4cv2-4hjh-77rx
- github.com/zzzprojects/System.Linq.Dynamic.Core
- github.com/zzzprojects/System.Linq.Dynamic.Core/commit/49b6cf0909cf3571e0d3580317675408300dbdac
- github.com/zzzprojects/System.Linq.Dynamic.Core/issues/867
- nvd.nist.gov/vuln/detail/CVE-2024-51417
- zzzprojects.com/
Detect and mitigate CVE-2024-51417 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →